charts/appmanager/templates/install.yaml - helm-charts - Gitiles

 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
   name: {{ .Values.clusterRoleName }}
 rules:
 - apiGroups:
   - ""
   resources:
   - namespaces
   verbs:
   - create
 - apiGroups:
   - "batch"
   resources:
   - jobs
   verbs:
   - create
 - apiGroups:
   - "*"
   resources:
   - "*"
   verbs:
   - get
   - list
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
   name: {{ .Values.clusterRoleName }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
   name: {{ .Values.clusterRoleName }}
 subjects:
 - kind: ServiceAccount
   name: default
   namespace: {{ .Release.Namespace }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
   name: ssh-key
 type: Opaque
 data:
   private: {{ .Values.sshPrivateKey }}
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: appmanager
   namespace: {{ .Release.Namespace }}
 spec:
   type: ClusterIP
   selector:
     app: appmanager
   ports:
   - name: http
     port: 80
     targetPort: http
     protocol: TCP
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: appmanager
   namespace: {{ .Release.Namespace }}
 spec:
   selector:
     matchLabels:
       app: appmanager
   replicas: 1
   template:
     metadata:
       labels:
         app: appmanager
     spec:
       volumes:
       - name: ssh-key
         secret:
           secretName: ssh-key
       containers:
       - name: appmanager
         image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         ports:
         - name: http
           containerPort: {{ .Values.port }}
           protocol: TCP
         command:
         - pcloud-installer
         - appmanager
         - --repo-addr={{ .Values.repoAddr }}
         - --ssh-key=/pcloud/ssh-key/private
         - --headscale-api-addr={{ .Values.headscaleAPIAddr }}
         - --dns-api-addr={{ .Values.dnsAPIAddr }}
         - --cluster-proxy-config-path={{ .Values.clusterProxyConfigPath }}
         - --port={{ .Values.port }}
         {{- if .Values.appRepoAddr }}
         - --app-repo-addr={{ .Values.appRepoAddr }}
         {{- end}}
         volumeMounts:
         - name: ssh-key
           readOnly: true
           mountPath: /pcloud/ssh-key
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRole
	metadata:
	name: {{ .Values.clusterRoleName }}
	rules:
	- apiGroups:
	- ""
	resources:
	- namespaces
	verbs:
	- create
	- apiGroups:
	- "batch"
	resources:
	- jobs
	verbs:
	- create
	- apiGroups:
	- "*"
	resources:
	- "*"
	verbs:
	- get
	- list
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: ClusterRoleBinding
	metadata:
	name: {{ .Values.clusterRoleName }}
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: ClusterRole
	name: {{ .Values.clusterRoleName }}
	subjects:
	- kind: ServiceAccount
	name: default
	namespace: {{ .Release.Namespace }}
	---
	apiVersion: v1
	kind: Secret
	metadata:
	name: ssh-key
	type: Opaque
	data:
	private: {{ .Values.sshPrivateKey }}
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: appmanager
	namespace: {{ .Release.Namespace }}
	spec:
	type: ClusterIP
	selector:
	app: appmanager
	ports:
	- name: http
	port: 80
	targetPort: http
	protocol: TCP
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: appmanager
	namespace: {{ .Release.Namespace }}
	spec:
	selector:
	matchLabels:
	app: appmanager
	replicas: 1
	template:
	metadata:
	labels:
	app: appmanager
	spec:
	volumes:
	- name: ssh-key
	secret:
	secretName: ssh-key
	containers:
	- name: appmanager
	image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
	imagePullPolicy: {{ .Values.image.pullPolicy }}
	ports:
	- name: http
	containerPort: {{ .Values.port }}
	protocol: TCP
	command:
	- pcloud-installer
	- appmanager
	- --repo-addr={{ .Values.repoAddr }}
	- --ssh-key=/pcloud/ssh-key/private
	- --headscale-api-addr={{ .Values.headscaleAPIAddr }}
	- --dns-api-addr={{ .Values.dnsAPIAddr }}
	- --cluster-proxy-config-path={{ .Values.clusterProxyConfigPath }}
	- --port={{ .Values.port }}
	{{- if .Values.appRepoAddr }}
	- --app-repo-addr={{ .Values.appRepoAddr }}
	{{- end}}
	volumeMounts:
	- name: ssh-key
	readOnly: true
	mountPath: /pcloud/ssh-key